aperezdc / snabb

Snabb Switch: Fast open source packet processing
Apache License 2.0

Forward selected traffic(from nDPI) to another NIC #12

Open mmanoj opened 7 years ago

mmanoj commented 7 years ago

Hi,

I'm using snabbwall with L7spy to select some traffic and forward it to a second NIC located in the same machine. Currently I'm testing with a virtual interface. I did the wiring as follows. However, I'm getting the error below when it runs.

Please advise.

core/main.lua:26: Message too long
stack traceback:
        core/main.lua:137: in function <core/main.lua:135>
        [C]: in function 'error'
        core/main.lua:26: in function 'assert'
        apps/socket/raw.lua:114: in function 'transmit'
        apps/socket/raw.lua:90: in function 'method'
        core/app.lua:87: in function 'with_restart'
        core/app.lua:335: in function 'thunk'
        core/histogram.lua:98: in function 'breathe'
        core/app.lua:273: in function 'main'
        program/wall/spy/spy.lua:343: in function 'run'
        program/wall/wall.lua:19: in function 'run'
        core/main.lua:56: in function <core/main.lua:43>
        [C]: in function 'xpcall'
        core/main.lua:179: in main chunk
        [C]: at 0x00452230
        [C]: in function 'pcall'
        core/startup.lua:3: in main chunk
        [C]: in function 'require'
        [string "require "core.startup""]:1: in main chunk

config.app(c,"qos",nDPIQoS,s)
config.app(c,"qosfw",nDPIQoSfw,s)
config.app(c, "nic1", raw.RawSocket, "wlp1s0")
config.app(c, "nic2", raw.RawSocket, "veth0")
config.link(c,last_app_name..".north -> qosfw.input")
last_app_name = "qos"
-- config.link(c, last_app_name..".south -> qosfw.input")
config.link(c, "qosfw.output -> nic2.rx")

** I added the following to spy.lua:

local nDPIQoSfw = setmetatable({}, util.SouthAndNorth)
nDPIQoSfw.__index = nDPIQoSfw

function nDPIQoSfw:new (scanner)
  return setmetatable({ scanner = scanner }, self)
end

function nDPIQoSfw:push()
  local i = assert(self.input.input, "input port not found")
  local o = assert(self.output.output, "output port not found")

  -- TODO: should establish one rule-set per destination IP (ie the target IP we are mitigation for)
  -- TODO: need to write ethernet headers on egress to match the MAC address of our "default gateway"

  while not link.empty(i) and not link.full(o) do
    self:process_packet(i, o)
  end
end

function nDPIQoSfw:process_packet(i, o)
  local p = link.receive(i)

  link.transmit(o, p)
  return
end

mmanoj commented 7 years ago

Hi,

Any update or advice on this issue? I'm looking forward to resolving this issue. Your valuable advice is highly appreciated. I would also like to contribute to this project.

aperezdc commented 7 years ago

@mmanoj: I see that you are deriving your nDPIQoSfw instance from util.SouthAndNorth, so instead of implementing :push() you may want to do the following instead:

local nDPIQoSfw = setmetatable({}, util.SouthAndNorth)
nDPIQoSfw.__index = nDPIQoSfw

function nDPIQoSfw:new (scanner)
  return setmetatable({ scanner = scanner }, self)
end

function nDPIQoSfw:on_southbound_packet(p)
  -- Process packet "p" coming from the "south" link and going to the "north" one
end

function nDPIQoSfw:on_northbound_packet(p)
  -- Similarly, process packet "p", going in the other direction.
end

If you want to call your links differently, or implement more complex logic, then do not inherit from util.SouthAndNorth.

aperezdc commented 7 years ago

As for the Message too long error, I think it can be that the write() system call is returning an EFBIG error code. I have never seen it before with a RawSocket, but I have the suspicion your program may be trying to put a packet on the wire which is bigger than the MTU of the device associated with the raw socket. Typically the MTU is 1500 bytes for Ethernet-style devices, but many allow configuring it to other values. Packets in Snabb can be up to 10240 bytes.

@takikawa: Do you have any thought on what could be causing the error?
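The MTU explanation above suggests a guard in front of the raw socket, so that one oversized packet is dropped and counted instead of stopping the whole forwarding process. The following is an added example, not part of the original thread and not code from the Snabb project; `MTUGuard`, its `mtu` option and the `guard` app name are hypothetical, and it assumes untagged Ethernet frames and that it is loaded as a module inside a Snabb build.

```lua
-- Added example, not code from the Snabb project or from this thread.
-- MTUGuard is a hypothetical app; the "input"/"output" link names follow
-- the ones used by nDPIQoSfw in the question.
module(..., package.seeall)

local link   = require("core.link")
local packet = require("core.packet")

local ETHER_HEADER_LEN = 14  -- assumption: untagged Ethernet frames

MTUGuard = {}
MTUGuard.__index = MTUGuard

function MTUGuard:new (conf)
   -- conf.mtu must match the MTU of the device behind the raw socket.
   local mtu = assert(tonumber(conf and conf.mtu), "mtu required")
   return setmetatable({ max_len = mtu + ETHER_HEADER_LEN, dropped = 0 }, self)
end

function MTUGuard:push ()
   local i = assert(self.input.input, "input port not found")
   local o = assert(self.output.output, "output port not found")
   while not link.empty(i) and not link.full(o) do
      local p = link.receive(i)
      if p.length > self.max_len then
         -- Oversized frame: count and free it rather than handing it to
         -- the raw socket, where the failed transmit ends the process.
         self.dropped = self.dropped + 1
         packet.free(p)
      else
         link.transmit(o, p)
      end
   end
end

-- Wiring in spy.lua: "qosfw.output -> guard.input", "guard.output -> nic2.rx"

function selftest ()
   local guard = MTUGuard:new({ mtu = 1500 })
   guard.input  = { input  = link.new("guard_in") }
   guard.output = { output = link.new("guard_out") }
   for _, len in ipairs({ 60, 1514, 1515, 9000 }) do  -- constructed frame sizes
      local p = packet.allocate()
      p.length = len
      link.transmit(guard.input.input, p)
   end
   guard:push()
   assert(guard.dropped == 2, "expected the 1515 and 9000 byte frames to be dropped")
   assert(link.nreadable(guard.output.output) == 2, "expected two frames forwarded")
end
```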

mmanoj commented 7 years ago

@aperezdc Thanks for the advice, I managed to resolve the MTU issue via the thread below. https://github.com/snabbco/snabb/issues/1091

However, I'm not able to get the traffic to the second NIC. I will try your code above and update you with the result.

By the way, what is the update about QoS implementation in your project?

Thank you, Manoj M

aperezdc commented 7 years ago

@mmanoj: We do not have plans for adding QoS at the moment, only for traffic filtering. That being said, I think we could be open to add support for QoS if somebody is willing to help out with that :wink:

mmanoj commented 7 years ago

@aperezdc

Thank you for the clarification. Yes, I'm open to discussing this aspect. Currently I'm looking at the feasibility of an XDP+eBPF approach to have 10G and up QoS. I hope Snabbwall is much more developed than the XDP project as of now.

I'm looking to have protocol/service-aware (DPI) QoS for individual IP-based policy enforcement. We can discuss and see the way forward. Thank you for the highlight.

Thank you, Manoj M